package cn.epsilon3.aop;

import cn.epsilon3.constant.Base;
import cn.epsilon3.constant.ResultEnum;
import cn.epsilon3.exception.Epsilon3ResultException;
import cn.epsilon3.utils.WebUtils;
import cn.epsilon3.utils.SecurityUtils;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.springframework.stereotype.Component;
/**
 * @description 验证器切面验证
 * @author: epsilon3
 * @date: 2023/8/23 14:57
 */
@Aspect
@Component
public class E3AuthenticatorAop {

    private static final String AUTH_CODE = "auth_code";

    @Pointcut("@annotation(cn.epsilon3.annotation.E3Authenticator)")
    private void aspect() {
    }

    @Before("aspect()")
    public void around(JoinPoint joinPoint) {
        Boolean enable = SecurityUtils.currentAccount().getFa().getEnable();
        if (enable) {
            WebUtils.setSessionValue(Base.E3_VERIFY_OPE_2FA_SESSION, true);
            Boolean sessionValue = Boolean.valueOf(String.valueOf(WebUtils.getSessionValue(Base.E3_OPE_2FA_SESSION)));
            if (Boolean.FALSE.equals(sessionValue)) {
                throw new Epsilon3ResultException(ResultEnum.NEED_2FA,"需要2FA验证以继续");
            }
            WebUtils.removeSessionValue(Base.E3_OPE_2FA_SESSION);
        }
    }
}
